<? include("include/mysql.config.php") ?>
<?
ob_start();
$action=$_GET['ac'];
    $name=$_POST['name'];
    $pass=$_POST['pass'];
    $checkcode=$_POST["check"];
    $check=$_SESSION['randstr'];
    echo $check;
    echo "<br>input:".$checkcode;
    $error=array();
    if($name==null){
        $error[]='用户不能为空';
    }
    if($pass==null){
        $error[]='密码不能为空';
    }
    if($check==null){
        $error[]='验证码不能为空';
    }
    else{
        if($check!=$checkcode){
        
            $error[]='验证码码不正确';
        
        }
    }

    if(count($error)==0){
        if($name!=null&&$pass!=null){
            $sql="select * from admin where admin_name='$name' and admin_password='$pass'";
            echo $sql;
            echo $sql;
            $time1=microtime();
            $result=mysql_query($sql,$conn);
            if($result){
                if(mysql_num_rows($result)==1){
                    $_SESSION["amdin_name"]=$name;           
                    $_SESSION["amdin_pass"]=$pass;           
                    header("Location:admin.php");
                }
                else{
                     $error[]='账号密码错误';
                }
            }
            else
            {
            $error[]='账号密码错误';
            }
        }

    }
    else{
        $_SESSION["login_error"]=$error;
        header("Location:login.php"); 
    }
    
?>

